Skip Menu |

This queue is for tickets about the DBD-Pg CPAN distribution.

Report information
The Basics
Id: 4818
Status: resolved
Priority: 0/
Queue: DBD-Pg

People
Owner: Nobody in particular
Requestors: josh [...] lavendergreens.org
Cc:
AdminCc:

Bug Information
Severity: Important
Broken in: 1.31
Fixed in: 1.32



Subject: dbdimp.c null pointer dereference in dbd_pg_fetch
pg_type_data is allowed to return NULL but a subsequent dereference does not take that into account. Fetching unhandled types like arrays causes a segfault.
diff -u DBD-Pg-1.31/dbdimp.c DBD-Pg-1.32/dbdimp.c --- DBD-Pg-1.31/dbdimp.c 2003-10-27 13:57:02.000000000 -0600 +++ DBD-Pg-1.32/dbdimp.c 2004-01-02 20:43:51.000000000 -0600 @@ -1028,7 +1028,9 @@ pg_type = PQftype(imp_sth->result, i); type_info = pg_type_data(pg_type); - + if (dbis->debug >= 2) + PerlIO_printf(DBILOGFP, "pg_type %d type_info %d\n", pg_type, type_info == NULL); + if (type_info) type_info->dequote(value, &value_len); /* dequote in place */ else @@ -1036,7 +1038,7 @@ sv_setpvn(sv, value, value_len); - if ((type_info->type_id == BPCHAROID) && chopblanks) { + if (type_info && (type_info->type_id == BPCHAROID) && chopblanks) { p = SvEND(sv); len = SvCUR(sv); while(len && *--p == ' ')